package cn.tristenstudy.blog.controller.admin;

import cn.tristenstudy.blog.pojo.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * 用户后台管理 controller
 *
 * @author xichen1.li
 * @date 2020-12-23 20:27
 */
@Controller
@RequestMapping("/user")
public class UserController {

    /**
     * 跳转登录页面
     *
     * @return 登录页面
     */
    @GetMapping("/toLogin")
    public String toLogin() {
        return "admin/login";
    }

    /**
     * 后代登录校验
     *
     * @param username   用户名
     * @param password   密码
     * @param attributes attributes
     * @return 结果
     */
    @PostMapping("/login")
    public String login(String username, String password, RedirectAttributes attributes, HttpServletRequest request) {
        if (!StringUtils.hasLength(username) || !StringUtils.hasLength(password)) {
            //密码错误
            attributes.addFlashAttribute("message", "用户名或密码不能为空！");
            return "redirect:/user/toLogin";
        }
        //获取当前用户
        Subject subject = SecurityUtils.getSubject();
        //封装用户的登录数据
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        System.out.println(token);
        try {
            //执行登录方法
            subject.login(token);
            User currentUser = (User) subject.getPrincipal();
            HttpSession session = request.getSession();
            session.setAttribute("nickname",currentUser.getNickName());
            session.setAttribute("email",currentUser.getEmail());
            session.setAttribute("avatar",currentUser.getAvatar());
            return "admin/index";
        } catch (UnknownAccountException e) {
            //用户名不存在
            attributes.addFlashAttribute("message", "用户名错误!");
            return "redirect:/user/toLogin";
        } catch (IncorrectCredentialsException e) {
            //密码错误
            attributes.addFlashAttribute("message", "密码错误！");
            return "redirect:/user/toLogin";
        }
    }

    /**
     * 注销登录
     */
    @GetMapping("/logout")
    public String logout() {
        //获取当前用户
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "index";
    }

    @RequestMapping("/unauthorized")
    @ResponseBody
    public String unauthorized() {
        return "未经授权，无法访问此页面";
    }
}
